github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 00:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

spelling corrections

Browse Source
This commit is contained in:
Jeremy Long
2017-03-11 14:15:24 -05:00
parent 1d32a6012a
commit 5ed6e838fc
27 changed files with 80 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
dependency-check-ant/src/main/java/org/owasp/dependencycheck/taskdefs/Check.java
View File

@@ -69,9 +69,8 @@ public class Check extends Update {
* Whether the CMake analyzer should be enabled.
*/
private Boolean cmakeAnalyzerEnabled;
/**
* Whether or not the openssl analyzer is enabled.
* Whether or not the Open SSL analyzer is enabled.
*/
private Boolean opensslAnalyzerEnabled;
/**
@@ -90,7 +89,6 @@ public class Check extends Update {
* Whether or not the nexus analyzer is enabled.
*/
private Boolean nexusAnalyzerEnabled;
/**
* The URL of a Nexus server's REST API end point
* (http://domain/nexus/service/local).
@@ -109,7 +107,7 @@ public class Check extends Update {
* The path to Mono for .NET assembly analysis on non-windows systems.
*/
private String pathToMono;
/**
* The application name for the report.
*
@@ -121,7 +119,6 @@ public class Check extends Update {
* The name of the project being analyzed.
*/
private String projectName = "dependency-check";
/**
* Specifies the destination directory for the generated Dependency-Check
* report.
@@ -189,7 +186,8 @@ public class Check extends Update {
/**
* Whether or not the .NET Assembly Analyzer is enabled.
*/
private Boolean assemblyAnalyzerEnabled; /**
private Boolean assemblyAnalyzerEnabled;
/**
* Whether the autoconf analyzer should be enabled.
*/
private Boolean autoconfAnalyzerEnabled;
@@ -213,9 +211,9 @@ public class Check extends Update {
*/
private Resources path = null;
/**
* Reference to path/fileset to convert
* Reference to path/file set to convert
*/
private Reference refid = null;
private Reference refId = null;
/**
* Add an arbitrary ResourceCollection.
@@ -225,7 +223,7 @@ public class Check extends Update {
*/
public void add(ResourceCollection rc) {
if (isReference()) {
throw new BuildException("Nested elements are not allowed when using the refid attribute.");
throw new BuildException("Nested elements are not allowed when using the refId attribute.");
}
getPath().add(rc);
}
@@ -245,12 +243,12 @@ public class Check extends Update {
}
/**
* Learn whether the refid attribute of this element been set.
* Learn whether the refId attribute of this element been set.
*
* @return true if refid is valid.
* @return true if refId is valid.
*/
public boolean isReference() {
return refid != null;
return refId != null;
}
/**
@@ -259,11 +257,11 @@ public class Check extends Update {
*
* @param r the reference to a path, fileset, dirset or filelist.
*/
public void setRefid(Reference r) {
public void setRefId(Reference r) {
if (path != null) {
throw new BuildException("Nested elements are not allowed when using the refid attribute.");
throw new BuildException("Nested elements are not allowed when using the refId attribute.");
}
refid = r;
refId = r;
}
/**
@@ -274,9 +272,9 @@ public class Check extends Update {
*/
private void dealWithReferences() throws BuildException {
if (isReference()) {
final Object o = refid.getReferencedObject(getProject());
final Object o = refId.getReferencedObject(getProject());
if (!(o instanceof ResourceCollection)) {
throw new BuildException("refid '" + refid.getRefId()
throw new BuildException("refId '" + refId.getRefId()
+ "' does not refer to a resource collection.");
}
getPath().add((ResourceCollection) o);
@@ -284,7 +282,6 @@ public class Check extends Update {
}
// END COPY from org.apache.tools.ant.taskdefs
/**
* Construct a new DependencyCheckTask.
*/
@@ -317,6 +314,7 @@ public class Check extends Update {
public void setApplicationName(String applicationName) {
this.applicationName = applicationName;
}
/**
* Get the value of projectName.
*
@@ -470,6 +468,7 @@ public class Check extends Update {
public void setHintsFile(String hintsFile) {
this.hintsFile = hintsFile;
}
/**
* Get the value of showSummary.
*
@@ -670,9 +669,9 @@ public class Check extends Update {
}
/**
* Returns if the cocoapods analyyzer is enabled.
* Returns if the cocoapods analyzer is enabled.
*
* @return if the cocoapods analyyzer is enabled
* @return if the cocoapods analyzer is enabled
*/
public boolean isCocoapodsAnalyzerEnabled() {
return cocoapodsAnalyzerEnabled;
@@ -950,7 +949,7 @@ public class Check extends Update {
//TODO shouldn't this be a fatal exception
log("Unable to retrieve DB Properties", ex, Project.MSG_DEBUG);
}
final ReportGenerator reporter = new ReportGenerator(getProjectName(), engine.getDependencies(), engine.getAnalyzers(), prop);
reporter.generateReports(reportOutputDirectory, reportFormat);

4
dependency-check-cli/src/main/java/org/owasp/dependencycheck/CliParser.java
View File

@@ -249,7 +249,7 @@ public final class CliParser {
final Option excludes = Option.builder().argName("pattern").hasArg().longOpt(ARGUMENT.EXCLUDE)
.desc("Specify and exclusion pattern. This option can be specified multiple times"
+ " and it accepts Ant style excludsions.")
+ " and it accepts Ant style exclusions.")
.build();
final Option props = Option.builder(ARGUMENT.PROP_SHORT).argName("file").hasArg().longOpt(ARGUMENT.PROP)
@@ -286,7 +286,7 @@ public final class CliParser {
.build();
final Option experimentalEnabled = Option.builder().longOpt(ARGUMENT.EXPERIMENTAL)
.desc("Enables the experimental analzers.")
.desc("Enables the experimental analyzers.")
.build();
final Option failOnCVSS = Option.builder().argName("score").hasArg().longOpt(ARGUMENT.FAIL_ON_CVSS)

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AnalyzerService.java
View File

@@ -63,7 +63,7 @@ public class AnalyzerService {
try {
experimentalEnabled = Settings.getBoolean(Settings.KEYS.ANALYZER_EXPERIMENTAL_ENABLED, false);
} catch (InvalidSettingException ex) {
LOGGER.error("invalide experimental setting", ex);
LOGGER.error("invalid experimental setting", ex);
}
while (iterator.hasNext()) {
final Analyzer a = iterator.next();

12
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.java
View File

@@ -98,7 +98,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
/**
* The set of things we can handle with Zip methods
*/
private static final Set<String> ZIPPABLES = newHashSet("zip", "ear", "war", "jar", "sar", "apk", "nupkg");
private static final Set<String> KNOWN_ZIP_EXT = newHashSet("zip", "ear", "war", "jar", "sar", "apk", "nupkg");
/**
* The set of file extensions supported by this analyzer. Note for
* developers, any additions to this list will need to be explicitly handled
@@ -110,9 +110,9 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
final String additionalZipExt = Settings.getString(Settings.KEYS.ADDITIONAL_ZIP_EXTENSIONS);
if (additionalZipExt != null) {
final String[] ext = additionalZipExt.split("\\s*,\\s*");
Collections.addAll(ZIPPABLES, ext);
Collections.addAll(KNOWN_ZIP_EXT, ext);
}
EXTENSIONS.addAll(ZIPPABLES);
EXTENSIONS.addAll(KNOWN_ZIP_EXT);
}
/**
@@ -303,11 +303,11 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
*/
private void addDisguisedJarsToDependencies(Dependency dependency, Engine engine) throws AnalysisException {
if (ZIP_FILTER.accept(dependency.getActualFile()) && isZipFileActuallyJarFile(dependency)) {
final File tdir = getNextTempDirectory();
final File tempDir = getNextTempDirectory();
final String fileName = dependency.getFileName();
LOGGER.info("The zip file '{}' appears to be a JAR file, making a copy and analyzing it as a JAR.", fileName);
final File tmpLoc = new File(tdir, fileName.substring(0, fileName.length() - 3) + "jar");
final File tmpLoc = new File(tempDir, fileName.substring(0, fileName.length() - 3) + "jar");
//store the archives sha1 and change it so that the engine doesn't think the zip and jar file are the same
// and add it is a related dependency.
final String archiveSha1 = dependency.getSha1sum();
@@ -399,7 +399,7 @@ public class ArchiveAnalyzer extends AbstractFileTypeAnalyzer {
GzipCompressorInputStream gin = null;
BZip2CompressorInputStream bzin = null;
try {
if (ZIPPABLES.contains(archiveExt)) {
if (KNOWN_ZIP_EXT.contains(archiveExt)) {
in = new BufferedInputStream(fis);
ensureReadableJar(archiveExt, in);
zin = new ZipArchiveInputStream(in);

8
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/AssemblyAnalyzer.java
View File

@@ -183,7 +183,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
LOGGER.error("Failed to read the Assembly Analyzer results. "
+ "On some systems mono-runtime and mono-devel need to be installed.");
LOGGER.error("----------------------------------------------------");
throw new AnalysisException("Couldn't parse Assembly Analzyzer results (GrokAssembly)", saxe);
throw new AnalysisException("Couldn't parse Assembly Analyzer results (GrokAssembly)", saxe);
}
// This shouldn't happen
@@ -202,7 +202,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
tempFile = File.createTempFile("GKA", ".exe", Settings.getTempDirectory());
} catch (IOException ex) {
setEnabled(false);
throw new InitializationException("Unable to create temporary file for the assembly analyzerr", ex);
throw new InitializationException("Unable to create temporary file for the assembly analyzer", ex);
}
FileOutputStream fos = null;
InputStream is = null;
@@ -248,7 +248,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
//
// We need to create a non-fatal warning error type that will
// get added to the report.
//TOOD this idea needs to get replicated to the bundle audit analyzer.
//TODO this idea needs to get replicated to the bundle audit analyzer.
if (args == null) {
setEnabled(false);
LOGGER.error("----------------------------------------------------");
@@ -366,7 +366,7 @@ public class AssemblyAnalyzer extends AbstractFileTypeAnalyzer {
return true;
}
} catch (IOException | InterruptedException ex) {
LOGGER.debug("Path seach failed for " + file, ex);
LOGGER.debug("Path search failed for " + file, ex);
}
return false;
}

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CPEAnalyzer.java
View File

@@ -208,7 +208,7 @@ public class CPEAnalyzer extends AbstractAnalyzer {
* @throws ParseException is thrown when the Lucene query cannot be parsed.
*/
protected void determineCPE(Dependency dependency) throws CorruptIndexException, IOException, ParseException {
//TODO test dojo-war against this. we shold get dojo-toolkit:dojo-toolkit AND dojo-toolkit:toolkit
//TODO test dojo-war against this. we should get dojo-toolkit:dojo-toolkit AND dojo-toolkit:toolkit
String vendors = "";
String products = "";
for (Confidence confidence : Confidence.values()) {

6
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/CentralAnalyzer.java
View File

@@ -103,14 +103,14 @@ public class CentralAnalyzer extends AbstractFileTypeAnalyzer {
* <code>false</code>
*/
private boolean checkEnabled() {
boolean retval = false;
boolean retVal = false;
try {
if (Settings.getBoolean(Settings.KEYS.ANALYZER_CENTRAL_ENABLED)) {
if (!Settings.getBoolean(Settings.KEYS.ANALYZER_NEXUS_ENABLED)
|| NexusAnalyzer.DEFAULT_URL.equals(Settings.getString(Settings.KEYS.ANALYZER_NEXUS_URL))) {
LOGGER.debug("Enabling the Central analyzer");
retval = true;
retVal = true;
} else {
LOGGER.info("Nexus analyzer is enabled, disabling the Central Analyzer");
}
@@ -120,7 +120,7 @@ public class CentralAnalyzer extends AbstractFileTypeAnalyzer {
} catch (InvalidSettingException ise) {
LOGGER.warn("Invalid setting. Disabling the Central analyzer");
}
return retval;
return retVal;
}
/**

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/RubyBundleAuditAnalyzer.java
View File

@@ -172,7 +172,7 @@ public class RubyBundleAuditAnalyzer extends AbstractFileTypeAnalyzer {
exitValue = process.waitFor();
} catch (InterruptedException ex) {
setEnabled(false);
final String msg = String.format("Bundle-audit process was interupted. Disabling %s", ANALYZER_NAME);
final String msg = String.format("Bundle-audit process was interrupted. Disabling %s", ANALYZER_NAME);
throw new InitializationException(msg);
}
if (0 == exitValue) {

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java
View File

@@ -39,7 +39,7 @@ import org.slf4j.LoggerFactory;
*/
public class VersionFilterAnalyzer extends AbstractAnalyzer {
//<editor-fold defaultstate="collapsed" desc="Constaints">
//<editor-fold defaultstate="collapsed" desc="Constants">
/**
* Evidence source.
*/

12
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/central/CentralSearch.java
View File

@@ -128,11 +128,11 @@ public class CentralSearch {
final String a = xpath.evaluate("./str[@name='a']", docs.item(i));
LOGGER.trace("ArtifactId: {}", a);
final String v = xpath.evaluate("./str[@name='v']", docs.item(i));
NodeList atts = (NodeList) xpath.evaluate("./arr[@name='ec']/str", docs.item(i), XPathConstants.NODESET);
NodeList attributes = (NodeList) xpath.evaluate("./arr[@name='ec']/str", docs.item(i), XPathConstants.NODESET);
boolean pomAvailable = false;
boolean jarAvailable = false;
for (int x = 0; x < atts.getLength(); x++) {
final String tmp = xpath.evaluate(".", atts.item(x));
for (int x = 0; x < attributes.getLength(); x++) {
final String tmp = xpath.evaluate(".", attributes.item(x));
if (".pom".equals(tmp)) {
pomAvailable = true;
} else if (".jar".equals(tmp)) {
@@ -140,10 +140,10 @@ public class CentralSearch {
}
}
atts = (NodeList) xpath.evaluate("./arr[@name='tags']/str", docs.item(i), XPathConstants.NODESET);
attributes = (NodeList) xpath.evaluate("./arr[@name='tags']/str", docs.item(i), XPathConstants.NODESET);
boolean useHTTPS = false;
for (int x = 0; x < atts.getLength(); x++) {
final String tmp = xpath.evaluate(".", atts.item(x));
for (int x = 0; x < attributes.getLength(); x++) {
final String tmp = xpath.evaluate(".", attributes.item(x));
if ("https".equals(tmp)) {
useHTTPS = true;
}

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/composer/ComposerDependency.java
View File

@@ -18,7 +18,7 @@
package org.owasp.dependencycheck.data.composer;
/**
* Reperesents a dependency (GAV, right now) from a Composer dependency.
* Represents a dependency (GAV, right now) from a Composer dependency.
*
* @author colezlaw
*/

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/composer/ComposerLockParser.java
View File

@@ -81,7 +81,7 @@ public class ComposerLockParser {
final String group = groupName.substring(0, groupName.indexOf('/'));
final String project = groupName.substring(groupName.indexOf('/') + 1);
String version = pkg.getString("version");
// Some version nubmers begin with v - which doesn't end up matching CPE's
// Some version numbers begin with v - which doesn't end up matching CPE's
if (version.startsWith("v")) {
version = version.substring(1);
}

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/nvdcve/ConnectionFactory.java
View File

@@ -342,7 +342,7 @@ public final class ConnectionFactory {
LOGGER.warn("A new version of dependency-check is available; consider upgrading");
Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
} else if (e0 == c0 && e1 == c1) {
//do nothing - not sure how we got here, but just incase...
//do nothing - not sure how we got here, but just in case...
} else {
LOGGER.error("The database schema must be upgraded to use this version of dependency-check. Please see {} for more information.",
UPGRADE_HELP_URL);

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/CpeUpdater.java
View File

@@ -69,7 +69,7 @@ public class CpeUpdater { //extends BaseUpdater implements CachedWebDataSource {
// return;
// }
// } catch (InvalidSettingException ex) {
// LOGGER.trace("inavlid setting UPDATE_NVDCVE_ENABLED", ex);
// LOGGER.trace("invalid setting UPDATE_NVDCVE_ENABLED", ex);
// }
// */
//

29
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/cpe/CPEHandler.java
View File

@@ -30,7 +30,7 @@ import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
/**
* A SAX Handler that will parse the CPE XML and load it into the databse.
* A SAX Handler that will parse the CPE XML and load it into the database.
*
* @author Jeremy Long
*/
@@ -154,35 +154,10 @@ public class CPEHandler extends DefaultHandler {
public void endElement(String uri, String localName, String qName) throws SAXException {
current.setNode(qName);
if (current.isSchemaVersionNode() && !CURRENT_SCHEMA_VERSION.equals(nodeText.toString())) {
throw new SAXException("ERROR: Unexpecgted CPE Schema Version, expected: "
throw new SAXException("ERROR: Unexpected CPE Schema Version, expected: "
+ CURRENT_SCHEMA_VERSION + ", file is: " + nodeText);
}
// } else if (current.isCpeItemNode()) {
// //do nothing
// } else if (current.isTitleNode()) {
// //do nothing
// } else if (current.isCpeListNode()) {
// //do nothing
// } else if (current.isMetaNode()) {
// //do nothing
// } else if (current.isNotesNode()) {
// //do nothing
// } else if (current.isNoteNode()) {
// //do nothing
// } else if (current.isCheckNode()) {
// //do nothing
// } else if (current.isGeneratorNode()) {
// //do nothing
// } else if (current.isProductNameNode()) {
// //do nothing
// } else if (current.isProductVersionNode()) {
// //do nothing
// else if (current.isTimestampNode()) {
// //do nothing
// } else {
// throw new SAXException("ERROR STATE: Unexpected qName '" + qName + "'");
// }
}
// <editor-fold defaultstate="collapsed" desc="The Element Class that maintains state information about the current node">

1
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/nvd/ProcessTask.java
View File

@@ -18,7 +18,6 @@
package org.owasp.dependencycheck.data.update.nvd;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.sql.SQLException;
import java.util.List;

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Dependency.java
View File

@@ -598,7 +598,7 @@ public class Dependency implements Serializable, Comparable<Dependency> {
LOGGER.warn("Unable to read '{}' to determine hashes.", file.getName());
LOGGER.debug("", ex);
} catch (NoSuchAlgorithmException ex) {
LOGGER.warn("Unable to use MD5 of SHA1 checksums.");
LOGGER.warn("Unable to use MD5 or SHA1 checksums.");
LOGGER.debug("", ex);
}
this.setMd5sum(md5);

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/EvidenceCollection.java
View File

@@ -397,10 +397,10 @@ public class EvidenceCollection implements Serializable, Iterable<Evidence> {
*
* <p>
* Example, given the following input:</p>
* <code>'Please visit https://www.somedomain.com/path1/path2/file.php?id=439'</code>
* <code>'Please visit https://www.owasp.com/path1/path2/file.php?id=439'</code>
* <p>
* The function would return:</p>
* <code>'Please visit somedomain path1 path2 file'</code>
* <code>'Please visit owasp path1 path2 file'</code>
*
* @param value the value that may contain a url
* @return the modified string

4
dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/ExtractionUtil.java
View File

@@ -280,7 +280,7 @@ public final class ExtractionUtil {
if (!file.renameTo(gzip)) {
throw new IOException("Unable to rename '" + file.getPath() + "'");
}
final File newfile = new File(originalPath);
final File newFile = new File(originalPath);
final byte[] buffer = new byte[4096];
@@ -288,7 +288,7 @@ public final class ExtractionUtil {
FileOutputStream out = null;
try {
cin = new GZIPInputStream(new FileInputStream(gzip));
out = new FileOutputStream(newfile);
out = new FileOutputStream(newFile);
int len;
while ((len = cin.read(buffer)) > 0) {

2
dependency-check-core/src/main/java/org/owasp/dependencycheck/xml/hints/HintRule.java
View File

@@ -255,7 +255,7 @@ public class HintRule {
return removeVersion;
}
/**
* Adds a given version to the list of evidence to matche.
* Adds a given version to the list of evidence to match.
*
* @param source the source of the evidence
* @param name the name of the evidence

2
dependency-check-core/src/main/resources/data/dbStatements.properties
View File

@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Copyright (c) 2015 The OWASP Foundatio. All Rights Reserved.
# Copyright (c) 2015 The OWASP Foundation. All Rights Reserved.
DELETE_REFERENCE=DELETE FROM reference WHERE cveid = ?
DELETE_SOFTWARE=DELETE FROM software WHERE cveid = ?

2
dependency-check-core/src/main/resources/schema/nvdcve/2_0/scap-core_0.1.xsd
View File

@@ -133,7 +133,7 @@
<xsd:simpleType name="cweNamePatternType">
<xsd:restriction base="xsd:token">
<xsd:pattern value="CWE-[1-9]\d{0,5}"></xsd:pattern>
<xsd:pattern value="CWE-[1-9]\d{0,5}"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:schema>

14
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/AggregateMojo.java
View File

@@ -64,7 +64,7 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
* and generates the subsequent reports.
*
* @throws MojoExecutionException thrown if there is ane exception running
* the mojo
* the Mojo
* @throws MojoFailureException thrown if dependency-check is configured to
* fail the build
*/
@@ -118,7 +118,7 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
}
File outputDir = getCorrectOutputDirectory(this.getProject());
if (outputDir == null) {
//in some regards we shouldn't be writting this, but we are anyway.
//in some regards we shouldn't be writing this, but we are anyway.
//we shouldn't write this because nothing is configured to generate this report.
outputDir = new File(this.getProject().getBuild().getDirectory());
}
@@ -165,7 +165,7 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
mpp = mpp.getCanonicalFile();
if (mpp.compareTo(mod.getBasedir()) == 0 && descendants.add(mod)
&& getLog().isDebugEnabled()) {
getLog().debug(String.format("Decendent module %s added", mod.getName()));
getLog().debug(String.format("Descendant module %s added", mod.getName()));
}
} catch (IOException ex) {
@@ -180,14 +180,14 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
for (MavenProject p : getReactorProjects()) {
if (project.equals(p.getParent()) || descendants.contains(p.getParent())) {
if (descendants.add(p) && getLog().isDebugEnabled()) {
getLog().debug(String.format("Decendent %s added", p.getName()));
getLog().debug(String.format("Descendant %s added", p.getName()));
}
for (MavenProject modTest : getReactorProjects()) {
if (p.getModules() != null && p.getModules().contains(modTest.getName())
&& descendants.add(modTest)
&& getLog().isDebugEnabled()) {
getLog().debug(String.format("Decendent %s added", modTest.getName()));
getLog().debug(String.format("Descendant %s added", modTest.getName()));
}
}
}
@@ -209,7 +209,7 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
}
for (MavenProject addedDescendant : addedDescendants) {
if (descendants.add(addedDescendant) && getLog().isDebugEnabled()) {
getLog().debug(String.format("Decendent module %s added", addedDescendant.getName()));
getLog().debug(String.format("Descendant module %s added", addedDescendant.getName()));
}
}
}
@@ -259,7 +259,7 @@ public class AggregateMojo extends BaseDependencyCheckMojo {
@Override
public boolean canGenerateReport() {
return true; //aggregate always returns true for now - we can look at a more complicated/acurate solution later
return true; //aggregate always returns true for now - we can look at a more complicated/accurate solution later
}
/**

9
dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
View File

@@ -109,7 +109,8 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
@Parameter(readonly = true, required = true, property = "reactorProjects")
private List<MavenProject> reactorProjects;
/**
* The entry point towards a Maven version independent way of resolving artifacts (handles both Maven 3.0 sonatype and Maven 3.1+ eclipse Aether implementations).
* The entry point towards a Maven version independent way of resolving artifacts (handles both Maven 3.0
* Sonatype and Maven 3.1+ eclipse Aether implementations).
*/
@Component
private ArtifactResolver artifactResolver;
@@ -603,7 +604,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
*/
protected File getDataFile(MavenProject current) {
if (getLog().isDebugEnabled()) {
getLog().debug(String.format("Getting data filefor %s using key '%s'", current.getName(), getDataFileContextKey()));
getLog().debug(String.format("Getting data file for %s using key '%s'", current.getName(), getDataFileContextKey()));
}
final Object obj = current.getContextValue(getDataFileContextKey());
if (obj != null) {
@@ -718,7 +719,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
}
/**
* Executes the dependency-check scan and generates the necassary report.
* Executes the dependency-check scan and generates the necessary report.
*
* @throws MojoExecutionException thrown if there is an exception running
* the scan
@@ -1160,7 +1161,7 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
* Writes the scan data to disk. This is used to serialize the scan data
* between the "check" and "aggregate" phase.
*
* @param mp the mMven project for which the data file was created
* @param mp the Maven project for which the data file was created
* @param writeTo the directory to write the data file
* @param dependencies the list of dependencies to serialize
*/

4
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/ExpectedOjectInputStream.java → dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/ExpectedObjectInputStream.java
View File

@@ -31,7 +31,7 @@ import java.util.List;
*
* @author Jeremy Long
*/
public class ExpectedOjectInputStream extends ObjectInputStream {
public class ExpectedObjectInputStream extends ObjectInputStream {
/**
* The list of fully qualified class names that are able to be deserialized.
@@ -46,7 +46,7 @@ public class ExpectedOjectInputStream extends ObjectInputStream {
* @param expected the fully qualified class names of the classes that can be deserialized
* @throws IOException thrown if there is an error reading from the stream
*/
public ExpectedOjectInputStream(InputStream inputStream, String... expected) throws IOException {
public ExpectedObjectInputStream(InputStream inputStream, String... expected) throws IOException {
super(inputStream);
this.expected.addAll(Arrays.asList(expected));
}

2
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java
View File

@@ -57,7 +57,7 @@ public final class Settings {
private Properties props = null;
/**
* A reference to the temporary directory; used incase it needs to be
* A reference to the temporary directory; used in case it needs to be
* deleted during cleanup.
*/
private static File tempDirectory = null;

11
dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedOjectInputStreamTest.java → dependency-check-utils/src/test/java/org/owasp/dependencycheck/utils/ExpectedObjectInputStreamTest.java
View File

@@ -26,15 +26,16 @@ import java.util.ArrayList;
import java.util.List;
import static org.junit.Assert.fail;
import org.junit.Test;
import static org.junit.Assert.fail;
/**
*
* @author jeremy
*/
public class ExpectedOjectInputStreamTest {
public class ExpectedObjectInputStreamTest {
/**
* Test of resolveClass method, of class ExpectedOjectInputStream.
* Test of resolveClass method, of class ExpectedObjectInputStream.
*/
@Test
public void testResolveClass() {
@@ -49,7 +50,7 @@ public class ExpectedOjectInputStreamTest {
byte[] buf = mem.toByteArray();
out.close();
ByteArrayInputStream in = new ByteArrayInputStream(buf);
ExpectedOjectInputStream instance = new ExpectedOjectInputStream(in, "java.util.ArrayList", "org.owasp.dependencycheck.utils.SimplePojo", "java.lang.Integer", "java.lang.Number");
ExpectedObjectInputStream instance = new ExpectedObjectInputStream(in, "java.util.ArrayList", "org.owasp.dependencycheck.utils.SimplePojo", "java.lang.Integer", "java.lang.Number");
instance.readObject();
} catch (IOException | ClassNotFoundException ex) {
fail(ex.getMessage());
@@ -65,7 +66,7 @@ public class ExpectedOjectInputStreamTest {
}
/**
* Test of resolveClass method, of class ExpectedOjectInputStream.
* Test of resolveClass method, of class ExpectedObjectInputStream.
*/
@Test(expected = java.io.InvalidClassException.class)
public void testResolveClassException() throws Exception {
@@ -81,7 +82,7 @@ public class ExpectedOjectInputStreamTest {
}
ByteArrayInputStream in = new ByteArrayInputStream(buf);
ExpectedOjectInputStream instance = new ExpectedOjectInputStream(in, "java.util.ArrayList", "org.owasp.dependencycheck.utils.SimplePojo");
ExpectedObjectInputStream instance = new ExpectedObjectInputStream(in, "java.util.ArrayList", "org.owasp.dependencycheck.utils.SimplePojo");
instance.readObject();
}
}